This repository has been archived by the owner on Feb 3, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 11
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #121 from guilhemmarchand/appinspect_wrapper
appinspect API wrapper
- Loading branch information
Showing
2 changed files
with
114 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -35,3 +35,6 @@ backups | |
|
|
||
| # Visual Basic Code | ||
| .vscode | ||
|
|
||
| # appinspect reports | ||
| appinspect_report*.html | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,3 +1,113 @@ | ||
| #!/bin/bash | ||
|
|
||
| splunk-appinspect inspect `ls trackme_*.tgz | head -1` --mode precert --included-tags splunk_appinspect | ||
| #set -x | ||
| unset username | ||
| unset uuid | ||
|
|
||
| echo -n "Enter your Splunk Base login: "; read username | ||
|
|
||
| echo "Attempting login to appinspect API..." | ||
|
|
||
| export appinspect_token=$(curl -X GET \ | ||
| -u ${username} \ | ||
| --url "https://api.splunk.com/2.0/rest/login/splunk" -s | sed 's/%//g' | jq -r .data.token) | ||
|
|
||
| if [ $? -ne 0 ]; then | ||
| echo "ERROR: login to appinspect API has failed, an authentication could be not be generated."; exit 1 | ||
| else | ||
| echo "SUCCESS: Authentication was successful and we got a token." | ||
| fi | ||
|
|
||
| for app in $(ls *.tgz); do | ||
|
|
||
| echo -n "RUN: Please confirm submitting the app ${app} to appinspect API vetting (yes / no) ? "; read submit | ||
| case ${submit} in | ||
| y|yes|Yes) | ||
| echo "RUN: Please wait while submitting to appinspect..." | ||
| uuid=$(curl -X POST \ | ||
| -H "Authorization: bearer ${appinspect_token}" \ | ||
| -H "Cache-Control: no-cache" \ | ||
| -s \ | ||
| -F "app_package=@${app}" \ | ||
| -F "included_tags=cloud" \ | ||
| --url "https://appinspect.splunk.com/v1/app/validate" | jq -r .links | grep href | head -1 | awk -F\" '{print $4}' | awk -F\/ '{print $6}') | ||
|
|
||
| if [ $? -eq 0 ]; then | ||
| echo "INFO: upload was successful, polling status..." | ||
|
|
||
| status=$(curl -X GET \ | ||
| -s \ | ||
| -H "Authorization: bearer ${appinspect_token}" \ | ||
| --url https://appinspect.splunk.com/v1/app/validate/status/${uuid} | jq -r .status) | ||
|
|
||
| while [ $status != "SUCCESS" ]; do | ||
|
|
||
| echo -e "INFO: appinspect is currently running: \n" | ||
| echo "INFO: Sleeping 2 seconds..." | ||
|
|
||
| curl -X GET \ | ||
| -s \ | ||
| -H "Authorization: bearer ${appinspect_token}" \ | ||
| --url https://appinspect.splunk.com/v1/app/validate/status/${uuid} | jq | ||
| sleep 2 | ||
| status=$(curl -X GET \ | ||
| -s \ | ||
| -H "Authorization: bearer ${appinspect_token}" \ | ||
| --url https://appinspect.splunk.com/v1/app/validate/status/${uuid} | jq -r .status) | ||
|
|
||
| done | ||
|
|
||
| case ${status} in | ||
| "SUCCESS") | ||
| echo "INFO: appinspect review was successfully proceeded:" | ||
| curl -X GET \ | ||
| -s \ | ||
| -H "Authorization: bearer ${appinspect_token}" \ | ||
| --url https://appinspect.splunk.com/v1/app/validate/status/${uuid} | jq . | ||
| echo -e "RUN: Download the HTML report in the current directory? (yes / no) "; read download | ||
|
|
||
| case ${download} in | ||
| y|yes|Yes) | ||
| datetime=$(date '+%m%d%Y_%H%M%S') | ||
| filename="appinspect_report_${datetime}.html" | ||
| curl -X GET \ | ||
| -s \ | ||
| -H "Authorization: bearer ${appinspect_token}" \ | ||
| -H "Cache-Control: no-cache" \ | ||
| -H "Content-Type: text/html" \ | ||
| --url "https://appinspect.splunk.com/v1/app/report/${uuid}" \ | ||
| -o ${filename} | ||
|
|
||
| echo "INFO: report downloaded to file ${filename} in the current directory." | ||
|
|
||
| ;; | ||
| n|no|No) | ||
| echo "INFO: Operation completed for ${app} - thank you." | ||
| ;; | ||
| esac | ||
|
|
||
| ;; | ||
| "*") | ||
| echo "ERROR: appinspect review was not successful!" | ||
| ;; | ||
|
|
||
| esac | ||
|
|
||
| else | ||
| echo "ERROR: upload has failed!" | ||
| break | ||
|
|
||
| fi | ||
|
|
||
| ;; | ||
| n|no|No) | ||
|
|
||
| echo "INFO: Application was not submitted" | ||
|
|
||
| ;; | ||
|
|
||
| esac | ||
|
|
||
| done | ||
|
|
||
| exit 0 |